P2P data storage requires strong reliability and security assurances. Existing data storage solutions have been designed for centralized as well as distributed settings; yet they do not address the security and cooperation issues raised by self-organization. P2P systems also introduce new needs regarding data availability due to the dynamicity of the infrastructure, which are unaddressed so far. This paper first discusses the approaches for tackling these problems. A solution is then introduced that relies on self-organizing security mechanisms in conjunction with a data rejuvenation scheme using erasure codes. 1. Introduction P2P file sharing systems (e.g., KaZaA [1] and BitTorrent [2]) aim at fairly distributing storage services to the whole community of peers. P2P data storage solutions like Wuala [3], AllMyData [4], and UbiStorage [5] have recently appeared with similar scalability objectives. Such approaches unfortunately do not take the selfish nature of peers into account, even though free riding is a well-known fact in unregulated P2P file storage applications. Selfishness is however much more critical for data storage in that selfish peers may destroy the data they are supposed to store on a long-term basis. Techniques for remotely detecting data corruption or destruction have been analyzed in [6–10], and dedicated cryptographic primitives have been proposed. These studies however do not consider the need for a self-organizing data restoration mechanism, which is however critical after data corruption has been detected in order to achieve storage reliability and availability on the long term. The dynamic nature of P2P systems exacerbates these issues in data storage applications because peers can sometimes be offline while their data still need to be preserved within the network. Achieving scalability requirements in that context requires data storage and verification tasks to be delegated, which has not been addressed in existing systems. This paper is structured as follows: the requirements for a secure P2P data storage and maintenance mechanism are first introduced and its five main phases are described. A threat model is then presented that outlines possible attacks that may compromise such a protocol. A new solution is then introduced for achieving self-organizing remote data integrity checking mechanisms in conjunction with an erasure code-based data rejuvenation scheme. The security of this scheme is finally discussed together with data availability and reliability, the latter being analyzed using an analytic model of the maintenance
References
[1]
KaZaA, http://www.kazaa.com/.
[2]
BitTorrent, http://www.bittorrent.com/.
[3]
Wuala, http://wua.la/en/.
[4]
AllMyData Tahoe, http://allmydata.org/.
[5]
UbiStorage, http://www.ubistorage.com/.
[6]
N. Oualha, M. ?nen, and Y. Roudier, “A security protocol for self-organizing data storage,” in Proceedings of the 23rd International Information Security Conference (SEC '08), vol. 278 of IFIP International Federation for Information Processing, pp. 675–679, Milano, Italy, September 2008.
[7]
G. Ateniese, R. Burns, R. Curtmola, et al., “Provable data possession at untrusted stores,” in Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 598–609, Alexandria, Va, USA, 2007.
[8]
Y. Deswarte, J.-J. Quisquater, A. Sa?dane, et al., “Remote integrity checking,” in Proceedings of the 6th Working Conference on Integrity and Internal Control in Information Systems (IICIS' 04), Fairfax, Va, USA, 2004.
[9]
F. Sebe, J. Domingo-Ferrer, A. Martínez-Ballesté, Y. Deswarte, and J.-J. Quisquater, “Efficient remote data possession checking in critical information infrastructures,” IEEE Transactions on Knowledge and Data Engineering, vol. 20, no. 8, pp. 1034–1038, 2008.
[10]
A. Juels and B. S. Kaliski, “PORs: proofs of retrievability for large files,” Cryptology ePrint Archive, Report 2007/243, June 2007.
[11]
R. R. Dingledine, The free haven project: design and deployment of an anonymous secure data haven, M.S. thesis, Massachusetts Institute of Technology, Cambridge, Mass, USA, June, 2000.
[12]
L. Toka and P. Michiardi, “Analysis of user-driven peer selection in peer-to-peer backup and storage systems,” in Proceedings of the 2nd ACM-Valuetools International Workshop on Game Theory in Communication Networks (GameComm '08), p. 428, Athens, Greece, October 2008.
[13]
R. Bhagwan, K. Tati, Y. Cheng, S. Savage, and G. M. Voelker, “TotalRecall: system support for automated availability management,” in Proceedings of the 1st ACM/USENIX Symposium on Networked Systems Design and Implementation (NSDI'04), San Francisco, Calif, USA, 2004.
[14]
N. Oualha and Y. Roudier, “Reputation and audits for self-organizing storage,” in Proceedings of the 1st Workshop on Security in Opportunistic and Social Networks (SOSOC '08), Istanbul, Turkey, September 2008.
[15]
P. B. Godfrey, S. Shenker, and I. Stoica, “Minimizing churn in distributed systems,” SIGCOMM Computer Communication Review, vol. 36, no. 4, pp. 147–158, 2006.
[16]
J. R. Douceur, “The Sybil attack,” in Proceedings of the 1st International Workshop on Peer-to-Peer Systems (IPTPS '02), Cambridge, Mass, USA, 2002.
[17]
V. Vishnumurthy, S. Chandrakumar, and E. G. Sirer, “KARMA: a secure economic framework for P2P resource sharing,” in Proceedings of the Workshop on the Economics of Peer-to-Peer Systems, Berkeley, Calif, USA, June 2003.
[18]
B. N. Levine, C. Shields, and N. B. Margolin, “A survey of solutions to the Sybil attack,” Tech. Rep. 2006-052, University of Massachusetts Amherst, Amherst, Mass, USA, October 2006.
[19]
S. Rhea, G. Wells, P. Eaton, et al., “Maintenance-free global data storage,” IEEE Internet Computing, vol. 5, no. 5, pp. 40–49, 2001.
[20]
H. Weatherspoon, B.-G. Chun, C. W. So, and J. Kubiatowicz, “Long-term data maintenance in wide-area storage systems: a quantitative approach,” Tech. Rep. UCB/CSD-05-1404, EECS Department, University of California, Berkeley, Calif, USA, 2005.
[21]
M. Lillibridge, S. Elnikety, A. Birrell, M. Burrows, and M. Isard, “A cooperative internet backup scheme,” in Proceedings of the Usenix Annual Technical Conference (General Track), pp. 29–41, San Antonio, Tex, USA, June 2003.
[22]
C. Leng, W. W. Terpstra, B. Kemme, W. Stannat, and A. P. Buchmann, “Maintaining replicas in unstructured P2P systems,” in Proceedings of the 4th International Conference on Emerging Networking Experiments and Technologies (CoNEXT '08), pp. 1–12, ACM, 2008.
[23]
D. L. G. Filho and P. S. L. M. Barreto, “Demonstrating data possession and uncheatable data transfer,” Cryptology ePrint Archive, Report 2006/150, 2006, http://eprint.iacr.org/.
[24]
S. Acedański, S. Deb, M. Médard, and R. Koetter, “How good is random linear coding based distributed networked storage?” in Proceedings of the 1st Workshop on Network Coding, Theory, and Applications (NetCod '05), Riva del Garda, Italy, April 2005.
[25]
T. S. J. Schwarz and E. L. Miller, “Store, forget, and check: using algebraic signatures to check remotely administered storage,” in Proceedings of the 26th IEEE International Conference on Distributed Computing Systems(ICDCS '06), July 2006.
[26]
A. Duminuco and E. W. Biersack, “Hierarchical codes: how to make erasure codes attractive for peer-to-peer storage systems,” in Proceedings of the 8th IEEE International Conference on Peer-to-Peer Computing (P2P '08), Aachen, Germany, September 2008.
[27]
D. S. Jones and B. D. Sleeman, Differential Equations and Mathematical Biology, Allen & Unwin, London, UK, 1983.
